Hi, I have a script from creating Local Domain groups from Global Security groups, now I want to expand that script so it automatically adds that Global group to Domain Local group.
Here is the script that I have and that works for creating Domain Local groups:
$groups = Get-ADGroup `
-Filter 'GroupScope -eq "Global" -and GroupCategory -eq "Security"' `
-Properties Description,DisplayName,ManagedBy
ForEach ($group in $groups) {
$params = @{
Path = $group.DistinguishedName -replace '^cn=.+?(?<!\\),'
Name = "DL_FGL_$($group.Name)"
SamAccountName = "DL_$($group.SamAccountName)"
Description = "$($group.Description)"
DisplayName = "$($group.DisplayName)"
ManagedBy = $group.ManagedBy
GroupCategory = "Security"
GroupScope = "DomainLocal"
}
Try {
Get-ADGroup -Identity "DL_$($group.SamAccountName)" | Out-Null
}
Catch {
New-ADGroup @params
}
}